IAPP contributor Jersain Llamas Covarrubias offers a practice-oriented overview of Mexico's current cybersecurity framework.

With the soon to be releases of new and smarter technology, such as quantum computing and smarter artificial intelligence agents, I wonder if our good intentions will be enough. There will always be ...

IAPP Managing Director, Canada, Kris Klein asks readers their thoughts on what the right approach to data sovereignty is for Canada.

The White House unveiled its AI Action Plan 23 July, setting out its priorities for how it will approach the technology during President Donald Trump's second term.

Expected in the second half of 2025, the European Data Union Strategy follows the actions outlined in the 2020 European strategy for data. The objective of the 2020 strategy at the time was to create ...

The rules require a risk assessment anytime a business processes data which might present a risk to consumers' privacy. Those instances include the selling or sharing of personal information; ...

IAPP Cybersecurity Law Center Managing Director Jim Dempsey analyzes the newly minted Cybersecurity Audit Rule that was approved 24 July by the California Privacy ...

Comparing public sentiment with White House priorities To help contextualize the significance of the AI action plan, the IAPP undertook an analysis of the comments OSTP received in response to its ...

IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan offers his thoughts on the latest privacy happenings in and around D.C. This week, he analyzes direction to the Federal Trade Commission ...

In the report, the OPC acknowledged that Foodstuffs designed in several important privacy safeguards that helped it stay on the right side of the law. For example, images that did not match the ...

IAPP AI Governance Center Managing Director Ashley Casovan tracks the shifting use of terminology in the AI governance ecosystem and one word that has been a mainstay — trust.

EU institutions Authorities at the EU level The EU AI Act designates the European Data Protection Supervisor as the competent authority — both market surveillance and notifying authority — in relation ...